topic Re: Quantum Spark implied rules blocking ESX (tcp/902) in Spark Firewall (SMB)

Quantum Spark implied rules blocking ESX (tcp/902)

marcherren — Tue, 22 Feb 2022 15:45:02 GMT

I've got problems doing ESX backup (using Synology Active Backup for Business) due to port tcp/902 beeing blocked between my Synology and my ESX server. It seems that an implied rule is causing this. Can I somehow control this ?

FW : R80.20.35 (992002613)

Re: Quantum Spark implied rules blocking ESX (tcp/902)

K_montalvo — Tue, 22 Feb 2022 16:16:58 GMT

Hello buddy!

Create an access rule to allow the communication between those two devices with:

source 10.10.10.4 and Destination 10.10.80.10
Service TCP_902

If your device is Locally Managed:

https://sc1.checkpoint.com/documents/SMB_R80.20.35/AdminGuides/Locally_Managed/EN/Topics/Quantum-Spark-1500-1600-1800-Appliance-Series-Overview.htm

If your device is Centrally Managed:

https://sc1.checkpoint.com/documents/SMB_R80.20.35/AdminGuides/Centrally_Managed/EN/Default.htm

If you prefer to call CP Support they have an option for SMB specialist and also can assist you. Let me know if needed further help

Re: Quantum Spark implied rules blocking ESX (tcp/902)

G_W_Albrecht — Tue, 22 Feb 2022 16:50:33 GMT

Strange - i assume that this is internal traffic and Stateful Inspection - Perform deep packet inspection on LAN to LAN traffic is still off ? I would suggest to contact TAC...

Re: Quantum Spark implied rules blocking ESX (tcp/902)

G_W_Albrecht — Tue, 22 Feb 2022 17:06:17 GMT

Trying that is good - i only fear that rule 0 will drop the packet first.

Re: Quantum Spark implied rules blocking ESX (tcp/902)

marcherren — Wed, 23 Feb 2022 07:22:38 GMT

Yes I did this, also disabled (just to be sure) all others blade than FW without any success.

Implied rules are always handled first (in my knowledge)

Re: Quantum Spark implied rules blocking ESX (tcp/902)

marcherren — Wed, 23 Feb 2022 07:31:14 GMT

As I got Collaborative Support ( it's my private firewall at home) I would need to pay every minute my local vender investigates/coordinates this 🙂 Is there a way to send a bug report (I would know why implied rule would block tcp/902) so that cp at least notice this problem. Or should I just hope that someone @Checkpoint will notice this trough this forum ? 🤔

Re: Quantum Spark implied rules blocking ESX (tcp/902)

G_W_Albrecht — Wed, 23 Feb 2022 07:48:52 GMT

As you have bought Collaborative Support, your CCSP should be caring for your issues !

This is about 20$ saved per year compared to Direct Support enabling you to get immediate help using chat.

Re: Quantum Spark implied rules blocking ESX (tcp/902)

marcherren — Wed, 23 Feb 2022 07:59:34 GMT

Nothing to discuss here. This is the business model of my partner of choice (for different other reasons)

I was just hoping to report (in my opinion) a bug to checkpoint somehow so they can improve their product.

Re: Quantum Spark implied rules blocking ESX (tcp/902)

G_W_Albrecht — Wed, 23 Feb 2022 12:18:42 GMT

That is your choice - if i buy support, i will get support, why should i burn money ? Did you try to put both devices into the same subnet ?

Re: Quantum Spark implied rules blocking ESX (tcp/902)

Amir_Ayalon — Wed, 02 Mar 2022 08:04:35 GMT

implied rule are meant to allow traffic, not to block it, so this is not the expected behavior.

perhaps it’s a blocked device ?